In the Specification 

On page 1, lines 12 and 13 please take out the words "continuation-in-part of application Serial 
Number 60/320,013 filed March 17, 2003" and put in its stead the words "continuation of U.S. 
Provisional Application Ser. No. 60/320,013, filed March 17, 2003 on behalf of Baschy, entitled "User 
Interface Driven Access Control", the content of which is hereby incorporated by reference as if set 
forth fully herein". 

This application is a continuation - in - part of application Serial Number 60/320,013 filed March 17, 
aOO ^ontinuation of U.S. Provisional Application Ser. No. 60/320.013. filed March 17. 2003 on behalf 
of Baschy. entitled "User Interface Driven Access Control", the content of which is hereby 
incorporated by reference as if sgt fprth fUUy herein. 

On page 3 after line 15 please insert the following paragraphs. 

The term "likeness of a person" means a identifying pictorial representation of the person, an imitative 
image, e.g. an identifying photograph, possibly a modified photograph or a machine processed image 
of that person that sufficiently corresponds to the person's appearance to allow a normally skilled 
hiiman to identify the person in an encounter with normal visual contact. 

A "normal size, legibly scaled, unabridged representation of the content of a resource" is what 
commonly is shown in normal use by a word processing application or by a drawing software when the 
operator views or edits a document. It is different than a thumbnail of a drawing or a summary of a 
document. 

A display region for access control settings for a resource and a display region for content of the 
resource are "concurrently visible and concurrently operable" if the operator can choose to initiate a 
function in either region without having to effectively put away the other. In contrast, a modal dialog 
box for access control settings would not be concurrently operable with a document content region, as 
the modal dialog box would block editing of document content until after the modal dialog box goes 
away, such going away e.g. caused by the operator clicking on an Apply or Cancel button in the dialog. 
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although then with the document content region being operable the modal dialog box would neither be 
visible nor operable until initiated to be shown again and to block editing again. Also in contrast, 
tabbed panes don't provide concurrent visibility, i.e. settings and content if in two separate panes 
wouldn't be concurrently visible. 

On page 4, line 3 take out the parenthesized words " (see http://httpd.apache.org/)". 

At the time of this disclosure, the best mode contemplated by the inventor for carrying out the present 
invention is an implementation as an enhancement to the publicly-available Apache Web server 
software (sec http://httpd.apachc.org;0 . It is expected, however, that once the usefulness of the present 
invention has become apparent to more people, the present invention will be considered in the design 
of new system architectures. Because of relative complexities of retrofitting into existing architectures, 
such as Apache, careful balance has been struck in this disclosure in order to provide a clear and 
concise yet still full and exact description of the present invention. In order to encourage widespread 
adaptation, neither a specific programming language nor a specific graphical user interface object 
library are required. 

On page 10, lines 7 and 8 take out the parenthesized words " (available, for example, at 
http://www.faqs.org/rfcs/rfc26 1 6.html)". 

For a simpler model of access control, one should map the larger number of HTTP methods to a 
smaller number of access methods. One possible mapping is down to two: READ and WRITE, with 
GET, HEAD, and POST mapped to READ, all other HTTP methods mapped to WRITE, including 
PUT, and DELETE. The reasoning behind this example mapping has to do with actual use of HTTP 
methods, specifically common use of POST for queries and use of HTTP methods by WebDAV, rather 
than what would come to mind when reading RFC 2616 (available, for example, at 
http ://www.faq3.org;tfc3/rfc26 1 6.htinl) . 

On page 18, line 1 1 take out the word "an" and put in its stead the word "a", 

on page 18, line 23 before the words "Figure 10" please break the paragraph and 

on page 19, line 1 take out the word "buttons" and put in its stead the words "check boxes". 
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Figure 9 shows a moment in the user interface of an implementation of the present invention. For a 
given URL 400 the Web browser shows a familiar representation 401 of the document. Adjoining there 
is [ [an] ]a region 410 with a representation of the effective access control settings for the document. 
User Lee 41 1 has write privilege, as indicated by a green pencil next to the user's id. Group Marketing 
412 has read privilege. User Rolf 413 has read privilege. Further adjoining there is a comprehensive 
representation of log information. Organized like columns and rows in a table, for each individual user 
420 it shows the most recent write access 430, and the most recent read access 440. A clock icon 
indicates that user Lee has written the most recent version. Eye icons indicate that user Lee and user 
Hank have seen the most recent version. Faded stamp icons indicate that user Thomas and user Rolf 
have seen an old version. A blank entry indicates that user Christoph has not yet seen the document at 
all. Blank entries in the write access column indicate that no user except user Lee has modified the 
document by writing, which could be expected in this case as user Lee is the only user who has write 
privilege. 

Figure 10 shows a moment in the user interface of another implementation of the present invention. For 
a given path 500 of a directory the browser shows a familiar representation 501, which without 
relevance to the present invention happens to be generated by the server from an index.html file by 
using a well known technique. In an integrated tree view 505 of the hierarchy of resources the directory 
is highlighted for clarity. In an integrated control region, buttons check boxes 510, 511, 512, 513, 514 
allow the operator to invoke fimctions which add and remove display regions with different 
representations of access control information relating to the selected resource, in this example i.e. the 
given directory. In this example the buttons as checkboxes also provide feedback as to which display 
regions are currently being shown. 

On page 19, line 6 take out the word "an" and put in its stead the word "a", 

on page 19, line 8 take out the word "an" and put in its stead the word "a" and 

on page 19, line 15 take out the word "Button" and put in its stead the words "Check box". 

Adjoining there is [[an]]a region 520 with a representation of the effective access control settings for 
the document. User Lee 521 has write privilege, as indicated by a green pencil next to the user's id. 
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Adjoining there is [[ae]]a region 530 with a sentence fragment that summarizes the reasons why the 
effective settings are such as they are. Other examples in this disclosure show different wording in that 
region. It is a subtle hint to beginning operators who are not yet familiar with the symbolism of the user 
interface, a symbolism that both has to correctly convey matters of access control settings as well as it 
has to fit into limited display regions, hence a symbolism that may have to do things in innovative 
ways, such innovative ways then requiring explanation. One could think of it as optional help for 
beginning operators. Btttte aCheck box 512 could switch off this region 530. 

On page 19, line 16 take out the word "an" and put in its stead the word "a". 

Adjoining there is [[a«]]a region 540 with a representation of the directly defining structured data for 
the resource, which in this example implementation also is called "resource entry". Another example in 
this disclosure shows somewhat more complex information in that region. User Lee 541 is being 
defined to have write privilege, as indicated by a green pencil next to the user's id. In this region 540 is 
where settings actually can be manipulated. That possibility is hinted at by the white background 
region, which is in contrast to the previously described two regions 520, 530, which have gray 
background to indicate that they only display resulting facts that cannot be manipulated directly. User 
Rolf 542 is in this moment being dragged in from a display region 550 with representations of known 
users and groups in order to be defined to have read privilege. As dragging is still in process, a 
condition that lasts for the order of magnitude of a second, user Rolf is not yet being displayed in the 
region 520 for effective access control settings. 

On page 20, line 3 after the word "through" insert the word " pressing" and after the word 
"combination" insert the parenthesized example " (e.g. Ctrl-Shift-U)". 

User Rolf 542, 552 has been dragged from a display region 550 with representations of known users 
and groups. This region 550 had been hidden until the operator has activated it throug h pressing a key 

On page 22, line 13 after the word "icon" insert number " 508", 
on page 22, line 15 after the word "menu" insert number " 560", 
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on page 22, line 16 after the word "immediate" insert number " 545", 

on page 22, line 17 after the word "links" insert the parenthesized explanation and number " (labeled 

"additlinks") 546", 

on page 22, line 17 after the word "entry" insert number " 540", 

on page 22, line 18 after the word "region" insert number " 550" and 

on page 22, line24 after the word "individuals" insert number " 525". 

Second example sequence, giving a group read privilege for a subdirectory only: Figure 15 shows the 
result of navigating to "documents", e.g. by clicking on its icon 508 in the tree on the left. Figure 16 
shows the effect of clicking on the "resource entry" check box. Figure 17 shows by context sensitive 
popup men u 560 creating a new "resource entry", linked as if there were "default inheritance". Figure 
18 shows the effects on "inmiediate" 545 settings and on additional links (labeled "additlinks"^ 546 . 
within the "entry" 540 . Figure 19 shows after pressing a key combination a display regio n 550 with 
representations of known users and groups, from which group Marketing is being dragged onto 
"immediate" settings. Figure 20 shows the effect on "immediate" settings, and on "effective" settings. 
Figure 21 shows after the known users and groups have been hidden already it is possible to completely 
go back to the original display layout, by hiding the "entry", with the "immediate" settings and the 
additional links, by clicking on the "resource entry" check box. Figure 22 shows it is possible to show 
"individuals " 525. in addition to "effective" settings, by clicking on the appropriately named 
"individual users" check box. Figure 23 shows another practical display layout chosen, having 
transitioned from Figure 22 by context sensitive popup menu. 

On page 25, line 9 take out the parenthesized hyperlink "(http://www.adobe.com/photoshop) ". 

Available prior art literature describes how to manipulate color saturation, brightness, contrast, and 
sharpness, and contmion software tools, such as Adobe PhotoShop (ht^ -.//www. adobe. oom/photoshop) 
may be employed. 

On page 25, line 22 after the word "RGB" insert the parenthesized explanation " (the red, green, and 
blue color space)" and on page 25, line 24 after the word "HSB" insert the parenthesized explanation 
" (the hue, saturation, and brightness color space)". 
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One implementation of conversion to grayscale comprises the steps of: If in RGB Tthe red, green, and 
blue color space") then setting all image elements' RGB components to the average of the weighed RGB 
components, (R*30+G*59+B* 1 1)/100, else if in HSB (the hue, saturation, and brightness color space) 
then setting all image elements' S component to zero. Other formulae are known as well. 

On page 48 after the four references inserted per second preliminary amendment of 2007-09-29 please 
insert the following one paragraph, i.e. one more reference. 

Hypertext Transfer Protocol HTTP/1.1, IETF RFC 2616 
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